CVE-2023-35941
First published: Tue Jun 27 2023(Updated: )
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the some rare scenarios in which HMAC payload can be always valid in OAuth2 filter's check. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, avoid wildcards/prefix domain wildcards in the host's domain configuration.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Envoyproxy Envoy | >=1.23.0<1.23.12 | |
| Envoyproxy Envoy | >=1.24.0<1.24.10 | |
| Envoyproxy Envoy | >=1.25.0<1.25.9 | |
| Envoyproxy Envoy | >=1.26.0<1.26.4 | |
| redhat/envoy | <1.26.3 | 1.26.3 |
| redhat/envoy | <1.25.8 | 1.25.8 |
| redhat/envoy | <1.24.9 | 1.24.9 |
| redhat/envoy | <1.23.11 | 1.23.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-7mhv-gr67-hq55
- https://access.redhat.com/errata/RHSA-2023:4624
- https://access.redhat.com/errata/RHSA-2023:4625
- https://access.redhat.com/security/cve/cve-2023-35941
- https://access.redhat.com/errata/RHSA-2023:5175
- https://bugzilla.redhat.com/show_bug.cgi?id=2217977
Frequently Asked Questions
What is CVE-2023-35941?
CVE-2023-35941 is a vulnerability in the Envoy proxy that allows a malicious client to construct credentials with permanent validity in specific scenarios.
What is the severity of CVE-2023-35941?
CVE-2023-35941 has a severity rating of 9.8 (Critical).
How does CVE-2023-35941 affect Envoy?
CVE-2023-35941 affects Envoy versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12.
How can I fix CVE-2023-35941?
To fix CVE-2023-35941, you should update Envoy to version 1.27.0, 1.26.4, 1.25.9, 1.24.10, or 1.23.12.
Where can I find more information about CVE-2023-35941?
You can find more information about CVE-2023-35941 on the Envoy GitHub security advisory page and the Red Hat advisory page.
- collector/nvd-latest
- collector/nvd-index
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-35941
- agent/software-canonical-lookup
- agent/tags
- agent/event
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/envoyproxy
- canonical/envoyproxy envoy
- version/envoyproxy envoy/1.24.0
- version/envoyproxy envoy/1.25.0
- version/envoyproxy envoy/1.26.0
- version/envoyproxy envoy/1.23.0
- package-manager/redhat